Rechercher une page de manuel
rfsd
Langue: en
Version: 303984 (debian - 07/07/09)
Section: 8 (Commandes administrateur)
Sommaire
NAME
rfsd - remotefs serverSYNOPSIS
rfsd [OPTION]OPTIONS
-h
- Show help
-a ADDRESS
- Listen for connections on ADDRESS
-p PORT
- Listen for connections on PORT
-u USERNAME
- Worker process be running with privileges of USERNAME
-g GROUPNAME
- Worker process be running with privileges of GROUP
-r PATH
- Change pidfile path from default to PATH
-e PATH
- Load exports from PATH
-s PATH
- Load passwords from PATH
DESCRIPTION
rfsd may work in two modes:Just file server
For this mode all users may be authenticated by IP-address or login and password. All users will be able to read files in exported directory and write to files unless there is an "ro" option specified for this export.
rfsd worker process will be running with privileges of user (and group) specified by -u and -g options (root by default). Alternatively, worker process user and group may be overridden by specifying "user=" and "group=" options for a particular export.
UGO compatibility mode
For this mode, rfsd will log the user into the server's OS. It's like remote shell, but without the actual shell, just for file access. To enable this mode, set option "ugo" for export(s).
If ugo option is specified, -u and -g options in rsfd command line as well as "user=", "group=" and "ro" options in exports file are ignored.
You need to create system users with the same names as remotefs users. However, rfsd will not use system passwords database for authentication, it will use rfspasswd database instead.
In this mode users could use chown and chmod commands to set access rights. Remote and local systems should be synced for this mode to work fully. Otherwise the server may refuse to set the owner if it isn't aware of the specified user or group and the client may report the wrong owner or group.
See rfs(1) for description of side effects of unsynced systems at client's side.
SECURITY NOTES
Official recommendation for remotefs is to keep it away from untrusted networks. You normally setup rfsd to listen on a local network. If you absolutely need to use it over the Internet, you should at least firewall the connection with a specific IP-address.
Please consider this advice seriously.
BTW, rfsd will warn you about listening on an interface that is not local and will refuse to run until -q option is provided, or a local interface is specified.
NOTE ABOUT SSL (in SVN)
Current SSL support uses certificates, but doesn't verify them. (Using certificates is an SSL requirement). For that reason it is currently vulnerable to the "Man-in-the-middle" attack (http://en.wikipedia.org/wiki/Man_in_the_middle).
We're only providing an encrypted session without any peer verification. Please keep it in mind when using built-in SSL.
If you're not satisfied with this, please consider other approaches like stunnel or ssl -L.
EXAMPLES
Please refer to examples in /etc/rfs-exports
AUTHORS
Aleksey Tulinov: aleksey_t@users.sourceforge.net
Jean-Jacques Sarton: jjsarton@users.sourceforge.net
REPORTING BUGS
See remotefs project on SourceForge: http://remotefs.sourceforge.net/COPYING
GNU General Public License (GPL)
SEE ALSO
Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre